More cyber attacks to come‚ says SA tech security expert

29 June 2017 - 11:13 By Jeff Wicks
Image: iStock

Online security experts have warned that this week’s cyber attack is “just the beginning”.

The so-called Petya ransom ware attack originated in Ukraine on Tuesday‚ spreading through Europe and across the globe into Wednesday.

And while there was minimal impact in South Africa‚ local online security experts believe that the hackers could have been testing the waters to see who was vulnerable to future attacks.

Ransom ware is malicious code embedded by hackers into companies’ or individuals’ computer networks‚ infecting those systems. The code essentially locks the system‚ and only the hacker can unlock it – which they will only do once a ransom is paid.

Craig Rosewarne‚ MD of Wolfpack Information Risk‚ said that there were very few South African companies hit.

This was backed up by figures provided by IT security company ESET South Africa‚ which indicated that only 0.03% of all victims were South African. Most of the victims – 75.24% – were in Ukraine‚ followed by 9.06% in Germany and 5.81% in Poland.

It is the second major cyber attack in the last two months‚ with a “WannaCry” attack in May operating in a similar fashion.

“At this stage‚ it seems there were very few attacks in South Africa‚” said Rosewarne. “But I really believe this‚ and WannaCry‚ were not really made to make money. These were reconnaissance probes of something bigger that’s to come. They were just testing the water to see who is vulnerable.”

Manny Corregedor‚ of Telspace Systems‚ said that the South African impact of the latest global cyber attack was difficult to gauge.

“I haven't heard of a major impact. There was a rumour that a retailer or fast food outlet got hit by it but I haven't confirmed that‚” he said.

Corregedor said companies’ reaction to the WannaCry attack could be one of the reasons why they weren’t hit.

“This is similar to WannaCry‚ so I’m hoping most of the organisations learnt their lessons from that. Either way‚ in South Africa it’s always difficult to tell what the impact is of these types of attacks because organisations don't have to disclose that they have been attacked‚” he said.

TimesLIVE is aware of at least one instance where the South African branch of a multinational company was hit.

An employee‚ who did not want to be named‚ described how the hacker hit while staff were at their desks on Tuesday.

“Computers wouldn’t allow us on the network‚ showing an error message. We kept working‚ thinking it’s the usual network connectivity issue.

A few minutes later‚ folders on desktops weren’t working and then screens went dark. An animated smiley face appeared‚ which became a sad face. A countdown began from 10‚ and when it got to 1‚ screens switched off‚” the employee said.

-TimesLIVE

X